<?php

namespace App\Http\Middleware;

use Closure;

class CheckUserRole
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if ($request->user() &&
            $request->user()->role < 1 &&
            ! $request->user()->hasRole('Founder') &&
            ! $request->is('users/warning', 'logout')) {
            return $request->expectsJson()
                        ? abort(403, '您的账号已经被禁止登录.')
                        : redirect()->route('users.warning');
        }
        return $next($request);
    }
}
